From 5c496674f63b31e892d0f3bed7921feb947ed839 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 15 Dec 2012 01:19:55 -0500 Subject: [PATCH 01/14] [ticket/10758] Dependency inject parameters into cache_moderators. Also add phpbb prefix since the signature is being changed anyway. PHPBB3-10758 --- phpBB/includes/acp/acp_forums.php | 6 +++--- phpBB/includes/acp/acp_main.php | 18 +++++++++--------- phpBB/includes/acp/acp_permissions.php | 16 ++++++++-------- phpBB/includes/acp/acp_styles.php | 4 +++- phpBB/includes/functions_admin.php | 14 +++++++++----- phpBB/includes/functions_user.php | 12 ++++++------ phpBB/install/install_convert.php | 3 ++- 7 files changed, 40 insertions(+), 33 deletions(-) diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index c6dbf5eb9c..7e8d5d8388 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -206,7 +206,7 @@ class acp_forums ($action != 'edit' || empty($forum_id) || ($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')))) { copy_forum_permissions($forum_perm_from, $forum_data['forum_id'], ($action == 'edit') ? true : false); - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); $copied_permissions = true; } /* Commented out because of questionable UI workflow - re-visit for 3.0.7 @@ -266,7 +266,7 @@ class acp_forums add_log('admin', 'LOG_FORUM_' . strtoupper($action), $row['forum_name'], $move_forum_name); $cache->destroy('sql', FORUMS_TABLE); } - + if ($request->is_ajax()) { $json_response = new phpbb_json_response; @@ -768,7 +768,7 @@ class acp_forums if (!empty($forum_perm_from) && $forum_perm_from != $forum_id) { copy_forum_permissions($forum_perm_from, $forum_id, true); - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); $auth->acl_clear_prefetch(); $cache->destroy('sql', FORUMS_TABLE); diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index d419bc3b99..c44bc1b8a6 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -24,7 +24,7 @@ class acp_main function main($id, $mode) { - global $config, $db, $user, $auth, $template, $request; + global $config, $db, $cache, $user, $auth, $template, $request; global $phpbb_root_path, $phpbb_admin_path, $phpEx; // Show restore permissions notice @@ -129,7 +129,7 @@ class acp_main set_config('record_online_users', 1, true); set_config('record_online_date', time(), true); add_log('admin', 'LOG_RESET_ONLINE'); - + if ($request->is_ajax()) { trigger_error('RESET_ONLINE_SUCCESS'); @@ -184,7 +184,7 @@ class acp_main update_last_username(); add_log('admin', 'LOG_RESYNC_STATS'); - + if ($request->is_ajax()) { trigger_error('RESYNC_STATS_SUCCESS'); @@ -251,7 +251,7 @@ class acp_main } add_log('admin', 'LOG_RESYNC_POSTCOUNTS'); - + if ($request->is_ajax()) { trigger_error('RESYNC_POSTCOUNTS_SUCCESS'); @@ -266,7 +266,7 @@ class acp_main set_config('board_startdate', time() - 1); add_log('admin', 'LOG_RESET_DATE'); - + if ($request->is_ajax()) { trigger_error('RESET_DATE_SUCCESS'); @@ -346,7 +346,7 @@ class acp_main } add_log('admin', 'LOG_RESYNC_POST_MARKING'); - + if ($request->is_ajax()) { trigger_error('RESYNC_POST_MARKING_SUCCESS'); @@ -359,10 +359,10 @@ class acp_main // Clear permissions $auth->acl_clear_prefetch(); - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); add_log('admin', 'LOG_PURGE_CACHE'); - + if ($request->is_ajax()) { trigger_error('PURGE_CACHE_SUCCESS'); @@ -413,7 +413,7 @@ class acp_main $db->sql_query($sql); add_log('admin', 'LOG_PURGE_SESSIONS'); - + if ($request->is_ajax()) { trigger_error('PURGE_SESSIONS_SUCCESS'); diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index dd071074de..d65a9cbb9e 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -656,7 +656,7 @@ class acp_permissions */ function set_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id) { - global $user, $auth; + global $db, $cache, $user, $auth; global $request; $psubmit = request_var('psubmit', array(0 => array(0 => 0))); @@ -726,7 +726,7 @@ class acp_permissions // Do we need to recache the moderator lists? if ($permission_type == 'm_') { - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); } // Remove users who are now moderators or admins from everyones foes list @@ -745,7 +745,7 @@ class acp_permissions */ function set_all_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id) { - global $user, $auth; + global $db, $cache, $user, $auth; global $request; // User or group to be set? @@ -794,7 +794,7 @@ class acp_permissions // Do we need to recache the moderator lists? if ($permission_type == 'm_') { - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); } // Remove users who are now moderators or admins from everyones foes list @@ -858,7 +858,7 @@ class acp_permissions */ function remove_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id, &$forum_id) { - global $user, $db, $auth; + global $user, $db, $cache, $auth; // User or group to be set? $ug_type = (sizeof($user_id)) ? 'user' : 'group'; @@ -874,7 +874,7 @@ class acp_permissions // Do we need to recache the moderator lists? if ($permission_type == 'm_') { - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); } $this->log_action($mode, 'del', $permission_type, $ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : array(0 => 0))); @@ -1172,7 +1172,7 @@ class acp_permissions */ function copy_forum_permissions() { - global $auth, $cache, $template, $user; + global $db, $auth, $cache, $template, $user; $user->add_lang('acp/forums'); @@ -1187,7 +1187,7 @@ class acp_permissions { if (copy_forum_permissions($src, $dest)) { - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); $auth->acl_clear_prefetch(); $cache->destroy('sql', FORUMS_TABLE); diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index db77825ae7..266495972b 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -137,11 +137,13 @@ class acp_styles */ protected function action_cache() { + global $db, $cache, $auth; + $this->cache->purge(); // Clear permissions $this->auth->acl_clear_prefetch(); - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); add_log('admin', 'LOG_PURGE_CACHE'); diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 15930f9a2c..571f1acd1d 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2292,13 +2292,17 @@ function auto_prune($forum_id, $prune_mode, $prune_flags, $prune_days, $prune_fr } /** -* Cache moderators, called whenever permissions are changed via admin_permissions. Changes of username -* and group names must be carried through for the moderators table +* Cache moderators. Called whenever permissions are changed +* via admin_permissions. Changes of usernames and group names +* must be carried through for the moderators table +* +* @param phpbb_db_driver $db Database connection +* @param phpbb_cache_driver_interface Cache driver +* @param phpbb_auth $auth Authentication object +* @return null */ -function cache_moderators() +function phpbb_cache_moderators($db, $cache, $auth) { - global $db, $cache, $auth, $phpbb_root_path, $phpEx; - // Remove cached sql results $cache->destroy('sql', MODERATOR_CACHE_TABLE); diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 8f9c9198f4..2d6c15a5b1 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2842,7 +2842,7 @@ function avatar_remove_db($avatar_name) */ function group_delete($group_id, $group_name = false) { - global $db, $phpbb_root_path, $phpEx, $phpbb_dispatcher; + global $db, $cache, $auth, $phpbb_root_path, $phpEx, $phpbb_dispatcher; if (!$group_name) { @@ -2913,12 +2913,12 @@ function group_delete($group_id, $group_name = false) extract($phpbb_dispatcher->trigger_event('core.delete_group_after', compact($vars))); // Re-cache moderators - if (!function_exists('cache_moderators')) + if (!function_exists('phpbb_cache_moderators')) { include($phpbb_root_path . 'includes/functions_admin.' . $phpEx); } - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); add_log('admin', 'LOG_GROUP_DELETE', $group_name); @@ -3678,7 +3678,7 @@ function group_memberships($group_id_ary = false, $user_id_ary = false, $return_ */ function group_update_listings($group_id) { - global $auth; + global $db, $cache, $auth; $hold_ary = $auth->acl_group_raw_data($group_id, array('a_', 'm_')); @@ -3720,12 +3720,12 @@ function group_update_listings($group_id) if ($mod_permissions) { - if (!function_exists('cache_moderators')) + if (!function_exists('phpbb_cache_moderators')) { global $phpbb_root_path, $phpEx; include($phpbb_root_path . 'includes/functions_admin.' . $phpEx); } - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); } if ($mod_permissions || $admin_permissions) diff --git a/phpBB/install/install_convert.php b/phpBB/install/install_convert.php index 9afe341ffa..15202768b8 100644 --- a/phpBB/install/install_convert.php +++ b/phpBB/install/install_convert.php @@ -1538,6 +1538,7 @@ class install_convert extends module function finish_conversion() { global $db, $phpbb_root_path, $phpEx, $convert, $config, $language, $user, $template; + global $cache, $auth; $db->sql_query('DELETE FROM ' . CONFIG_TABLE . " WHERE config_name = 'convert_progress' @@ -1547,7 +1548,7 @@ class install_convert extends module $db->sql_query('DELETE FROM ' . SESSIONS_TABLE); @unlink($phpbb_root_path . 'cache/data_global.' . $phpEx); - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); // And finally, add a note to the log add_log('admin', 'LOG_INSTALL_CONVERTED', $convert->convertor_data['forum_name'], $config['version']); From e82833d4b8bc9241641577b12a779e12338ace39 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 15 Dec 2012 01:29:10 -0500 Subject: [PATCH 02/14] [ticket/10758] Dependency inject parameters into update_foes. Also add phpbb prefix since the signature is being changed anyway. PHPBB3-10758 --- phpBB/includes/acp/acp_permissions.php | 4 ++-- phpBB/includes/functions_admin.php | 12 ++++++++---- phpBB/includes/functions_user.php | 4 ++-- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index d65a9cbb9e..3d4c256a3f 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -732,7 +732,7 @@ class acp_permissions // Remove users who are now moderators or admins from everyones foes list if ($permission_type == 'm_' || $permission_type == 'a_') { - update_foes($group_id, $user_id); + phpbb_update_foes($db, $auth, $group_id, $user_id); } $this->log_action($mode, 'add', $permission_type, $ug_type, $ug_id, $forum_id); @@ -800,7 +800,7 @@ class acp_permissions // Remove users who are now moderators or admins from everyones foes list if ($permission_type == 'm_' || $permission_type == 'a_') { - update_foes($group_id, $user_id); + phpbb_update_foes($db, $auth, $group_id, $user_id); } $this->log_action($mode, 'add', $permission_type, $ug_type, $ug_ids, $forum_ids); diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 571f1acd1d..e8dd55813b 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2744,12 +2744,16 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id } /** -* Update foes - remove moderators and administrators from foe lists... +* Removes moderators and administrators from foe lists. +* +* @param phpbb_db_driver $db Database connection +* @param phpbb_auth $auth Authentication object +* @param array|bool $group_id If an array, remove all members of this group from foe lists, or false to ignore +* @param array|bool $user_id If an array, remove this user from foe lists, or false to ignore +* @return null */ -function update_foes($group_id = false, $user_id = false) +function phpbb_update_foes($db, $auth, $group_id = false, $user_id = false) { - global $db, $auth; - // update foes for some user if (is_array($user_id) && sizeof($user_id)) { diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 2d6c15a5b1..a50d5175fe 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -3730,12 +3730,12 @@ function group_update_listings($group_id) if ($mod_permissions || $admin_permissions) { - if (!function_exists('update_foes')) + if (!function_exists('phpbb_update_foes')) { global $phpbb_root_path, $phpEx; include($phpbb_root_path . 'includes/functions_admin.' . $phpEx); } - update_foes(array($group_id)); + phpbb_update_foes($db, $auth, array($group_id)); } } From ff83580af1af7623012843c56fba605ec2ad7df1 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 15 Dec 2012 13:45:33 -0500 Subject: [PATCH 03/14] [ticket/10758] Add a test for acp login. PHPBB3-10758 --- tests/functional/auth_test.php | 11 +++++++++++ tests/test_framework/phpbb_functional_test_case.php | 6 ++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/tests/functional/auth_test.php b/tests/functional/auth_test.php index 662b1bd38b..f92a4a2210 100644 --- a/tests/functional/auth_test.php +++ b/tests/functional/auth_test.php @@ -49,4 +49,15 @@ class phpbb_functional_auth_test extends phpbb_functional_test_case $this->assert_response_success(); $this->assertContains($this->lang('REGISTER'), $crawler->filter('.navbar')->text()); } + + public function test_acp_login() + { + $this->login(); + $this->admin_login(); + + // check that we are logged in + $crawler = $this->request('GET', 'adm/index.php?sid=' . $this->sid); + $this->assert_response_success(); + $this->assertContains($this->lang('ADMIN_PANEL'), $crawler->filter('h1')->text()); + } } diff --git a/tests/test_framework/phpbb_functional_test_case.php b/tests/test_framework/phpbb_functional_test_case.php index 67a5050892..c599abcbcd 100644 --- a/tests/test_framework/phpbb_functional_test_case.php +++ b/tests/test_framework/phpbb_functional_test_case.php @@ -323,7 +323,7 @@ class phpbb_functional_test_case extends phpbb_test_case * Login to the ACP * You must run login() before calling this. */ - protected function admin_login() + protected function admin_login($username = 'admin') { $this->add_lang('acp/common'); @@ -343,7 +343,9 @@ class phpbb_functional_test_case extends phpbb_test_case { if (strpos($field, 'password_') === 0) { - $login = $this->client->submit($form, array('username' => 'admin', $field => 'admin')); + $crawler = $this->client->submit($form, array('username' => $username, $field => $username)); + $this->assert_response_success(); + $this->assertContains($this->lang('LOGIN_ADMIN_SUCCESS'), $crawler->filter('html')->text()); $cookies = $this->cookieJar->all(); From 9e7d663e7638bac9add20d82467b8008e5c83e3b Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 15 Dec 2012 14:09:33 -0500 Subject: [PATCH 04/14] [ticket/10758] Spelling fix. PHPBB3-10758 --- phpBB/includes/auth/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/auth/auth.php b/phpBB/includes/auth/auth.php index e3bccaf47b..1ad9f94d26 100644 --- a/phpBB/includes/auth/auth.php +++ b/phpBB/includes/auth/auth.php @@ -191,7 +191,7 @@ class phpbb_auth /** * Get forums with the specified permission setting - * if the option is prefixed with !, then the result becomes nagated + * if the option is prefixed with !, then the result becomes negated * * @param bool $clean set to true if only values needs to be returned which are set/unset */ From 7b9092ea3b4ea63bd8c20c1b66b8bd4240e2c497 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 15 Dec 2012 16:17:18 -0500 Subject: [PATCH 05/14] [ticket/10758] Functional test for changing a user's permission. PHPBB3-10758 --- tests/functional/acp_permissions_test.php | 53 +++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 tests/functional/acp_permissions_test.php diff --git a/tests/functional/acp_permissions_test.php b/tests/functional/acp_permissions_test.php new file mode 100644 index 0000000000..4c5ae9bbb1 --- /dev/null +++ b/tests/functional/acp_permissions_test.php @@ -0,0 +1,53 @@ +login(); + $this->admin_login(); + $this->add_lang('acp/permissions'); + + // Permissions tab + // XXX hardcoded ids + $crawler = $this->request('GET', 'adm/index.php?i=16&sid=' . $this->sid); + $this->assert_response_success(); + // these language strings are html + $this->assertContains($this->lang('ACP_PERMISSIONS_EXPLAIN'), $this->client->getResponse()->getContent()); + + // User permissions + $crawler = $this->request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_user_global&sid=' . $this->sid); + $this->assert_response_success(); + $this->assertContains($this->lang('ACP_USERS_PERMISSIONS_EXPLAIN'), $this->client->getResponse()->getContent()); + + // Select admin + $form = $crawler->selectButton($this->lang('SUBMIT'))->form(); + $data = array('username[0]' => 'admin'); + $form->setValues($data); + $crawler = $this->client->submit($form); + $this->assert_response_success(); + $this->assertContains($this->lang('ACL_SET'), $crawler->filter('h1')->eq(1)->text()); + + // Set u_hideonline to never + $form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(); + // initially it should be a yes + $values = $form->getValues(); + $this->assertEquals(1, $values['setting[2][0][u_hideonline]']); + // set to never + $data = array('setting[2][0][u_hideonline]' => '0'); + $form->setValues($data); + $crawler = $this->client->submit($form); + $this->assert_response_success(); + $this->assertContains($this->lang('AUTH_UPDATED'), $crawler->text()); + } +} From 9a1df948c635d9dbabaff94313652c6d8d1df28d Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 19 Dec 2012 21:50:03 -0500 Subject: [PATCH 06/14] [ticket/10758] Extract obtain_user_data for the benefit of tests. PHPBB3-10758 --- phpBB/includes/acp/acp_permissions.php | 7 +------ phpBB/includes/auth/auth.php | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index 3d4c256a3f..a64765f4f5 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -952,12 +952,7 @@ class acp_permissions if ($user_id != $user->data['user_id']) { - $sql = 'SELECT user_id, username, user_permissions, user_type - FROM ' . USERS_TABLE . ' - WHERE user_id = ' . $user_id; - $result = $db->sql_query($sql); - $userdata = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + $userdata = $auth->obtain_user_data($user_id); } else { diff --git a/phpBB/includes/auth/auth.php b/phpBB/includes/auth/auth.php index 1ad9f94d26..2535247571 100644 --- a/phpBB/includes/auth/auth.php +++ b/phpBB/includes/auth/auth.php @@ -102,6 +102,26 @@ class phpbb_auth return; } + /** + * Retrieves data wanted by acl function from the database for the + * specified user. + * + * @param int $user_id User ID + * @return array User attributes + */ + public function obtain_user_data($user_id) + { + global $db; + + $sql = 'SELECT user_id, username, user_permissions, user_type + FROM ' . USERS_TABLE . ' + WHERE user_id = ' . $user_id; + $result = $db->sql_query($sql); + $user_data = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + return $user_data; + } + /** * Fill ACL array with relevant bitstrings from user_permissions column * @access private From ac3e69cb0856779016dcc02060e8e30b804fcd67 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 19 Dec 2012 21:49:41 -0500 Subject: [PATCH 07/14] [ticket/10758] Check that acl was changed in the test. PHPBB3-10758 --- tests/functional/acp_permissions_test.php | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/tests/functional/acp_permissions_test.php b/tests/functional/acp_permissions_test.php index 4c5ae9bbb1..0fa7898963 100644 --- a/tests/functional/acp_permissions_test.php +++ b/tests/functional/acp_permissions_test.php @@ -19,7 +19,7 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case $this->add_lang('acp/permissions'); // Permissions tab - // XXX hardcoded ids + // XXX hardcoded id $crawler = $this->request('GET', 'adm/index.php?i=16&sid=' . $this->sid); $this->assert_response_success(); // these language strings are html @@ -38,6 +38,17 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case $this->assert_response_success(); $this->assertContains($this->lang('ACL_SET'), $crawler->filter('h1')->eq(1)->text()); + // XXX globals for phpbb_auth, refactor it later + global $db, $cache; + $db = $this->get_db(); + $cache = new phpbb_mock_null_cache; + + $auth = new phpbb_auth; + // XXX hardcoded id + $user_data = $auth->obtain_user_data(2); + $auth->acl($user_data); + $this->assertEquals(1, $auth->acl_get('u_hideonline')); + // Set u_hideonline to never $form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(); // initially it should be a yes @@ -49,5 +60,12 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case $crawler = $this->client->submit($form); $this->assert_response_success(); $this->assertContains($this->lang('AUTH_UPDATED'), $crawler->text()); + + // check acl again + $auth = new phpbb_auth; + // XXX hardcoded id + $user_data = $auth->obtain_user_data(2); + $auth->acl($user_data); + $this->assertEquals(0, $auth->acl_get('u_hideonline')); } } From 3327a4676ce2f894881485aa8f5a5c40c9ea260e Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 15 Dec 2012 17:26:48 -0500 Subject: [PATCH 08/14] [ticket/10758] Test moderator and admin permissions. PHPBB3-10758 --- tests/functional/acp_permissions_test.php | 65 +++++++++++++++++++++-- 1 file changed, 60 insertions(+), 5 deletions(-) diff --git a/tests/functional/acp_permissions_test.php b/tests/functional/acp_permissions_test.php index 0fa7898963..511306ac84 100644 --- a/tests/functional/acp_permissions_test.php +++ b/tests/functional/acp_permissions_test.php @@ -12,19 +12,27 @@ */ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case { - public function test_set_permission() + public function setUp() { + parent::setUp(); + $this->login(); $this->admin_login(); $this->add_lang('acp/permissions'); + } + public function test_permissions_tab() + { // Permissions tab // XXX hardcoded id $crawler = $this->request('GET', 'adm/index.php?i=16&sid=' . $this->sid); $this->assert_response_success(); // these language strings are html $this->assertContains($this->lang('ACP_PERMISSIONS_EXPLAIN'), $this->client->getResponse()->getContent()); + } + public function test_select_user() + { // User permissions $crawler = $this->request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_user_global&sid=' . $this->sid); $this->assert_response_success(); @@ -37,6 +45,53 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case $crawler = $this->client->submit($form); $this->assert_response_success(); $this->assertContains($this->lang('ACL_SET'), $crawler->filter('h1')->eq(1)->text()); + } + + public function permissions_data() + { + return array( + // description + // permission type + // permission name + // mode + // object name + // object id + array( + 'user permission', + 'u_', + 'u_hideonline', + 'setting_user_global', + 'user_id', + 2, + ), + array( + 'moderator permission', + 'm_', + 'm_ban', + 'setting_mod_global', + 'group_id', + 4, + ), + array( + 'admin permission', + 'a_', + 'a_forum', + 'setting_admin_global', + 'group_id', + 5, + ), + ); + } + + /** + * @dataProvider permissions_data + */ + public function test_change_permission($description, $permission_type, $permission, $mode, $object_name, $object_id) + { + // Get the form + $crawler = $this->request('GET', "adm/index.php?i=acp_permissions&icat=16&mode=$mode&${object_name}[0]=$object_id&type=$permission_type&sid=" . $this->sid); + $this->assert_response_success(); + $this->assertContains($this->lang('ACL_SET'), $crawler->filter('h1')->eq(1)->text()); // XXX globals for phpbb_auth, refactor it later global $db, $cache; @@ -47,15 +102,15 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case // XXX hardcoded id $user_data = $auth->obtain_user_data(2); $auth->acl($user_data); - $this->assertEquals(1, $auth->acl_get('u_hideonline')); + $this->assertEquals(1, $auth->acl_get($permission)); // Set u_hideonline to never $form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(); // initially it should be a yes $values = $form->getValues(); - $this->assertEquals(1, $values['setting[2][0][u_hideonline]']); + $this->assertEquals(1, $values["setting[$object_id][0][$permission]"]); // set to never - $data = array('setting[2][0][u_hideonline]' => '0'); + $data = array("setting[$object_id][0][$permission]" => '0'); $form->setValues($data); $crawler = $this->client->submit($form); $this->assert_response_success(); @@ -66,6 +121,6 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case // XXX hardcoded id $user_data = $auth->obtain_user_data(2); $auth->acl($user_data); - $this->assertEquals(0, $auth->acl_get('u_hideonline')); + $this->assertEquals(0, $auth->acl_get($permission)); } } From f9cee47003ad76c124822675cf4db0406af1bd70 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 15 Dec 2012 17:33:07 -0500 Subject: [PATCH 09/14] [ticket/10758] Admin is not working yet. PHPBB3-10758 --- tests/functional/acp_permissions_test.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/functional/acp_permissions_test.php b/tests/functional/acp_permissions_test.php index 511306ac84..f7fd44fc89 100644 --- a/tests/functional/acp_permissions_test.php +++ b/tests/functional/acp_permissions_test.php @@ -72,6 +72,7 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case 'group_id', 4, ), + /* Admin does not work yet, probably because founder can do everything array( 'admin permission', 'a_', @@ -80,6 +81,7 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case 'group_id', 5, ), + */ ); } From 69e373c1af09e10722c1146f44493e8dc3669918 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 19 Dec 2012 21:47:53 -0500 Subject: [PATCH 10/14] [ticket/10758] Add compat functions. PHPBB3-10758 --- phpBB/includes/functions_admin.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index e8dd55813b..496d3eba09 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2472,6 +2472,20 @@ function phpbb_cache_moderators($db, $cache, $auth) $db->sql_multi_insert(MODERATOR_CACHE_TABLE, $sql_ary); } +/** +* Cache moderators. Called whenever permissions are changed +* via admin_permissions. Changes of usernames and group names +* must be carried through for the moderators table +* +* @return null +*/ +function cache_moderators() +{ + global $db, $cache, $auth; + return phpbb_cache_moderators($db, $cache, $auth); +} + + /** * View log * If $log_count is set to false, we will skip counting all entries in the database. @@ -2862,6 +2876,19 @@ function phpbb_update_foes($db, $auth, $group_id = false, $user_id = false) unset($perms); } +/** +* Removes moderators and administrators from foe lists. +* +* @param array|bool $group_id If an array, remove all members of this group from foe lists, or false to ignore +* @param array|bool $user_id If an array, remove this user from foe lists, or false to ignore +* @return null +*/ +function update_foes($group_id = false, $user_id = false) +{ + global $db, $auth; + phpbb_update_foes($db, $auth, $group_id, $user_id); +} + /** * Lists inactive users */ From 5c817289834e7a34d47410f89907de1bafefff8a Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Thu, 20 Dec 2012 05:10:57 -0500 Subject: [PATCH 11/14] [ticket/10758] Add deprecated tags. PHPBB3-10758 --- phpBB/includes/functions_admin.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 496d3eba09..77c70eb6fc 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2477,6 +2477,7 @@ function phpbb_cache_moderators($db, $cache, $auth) * via admin_permissions. Changes of usernames and group names * must be carried through for the moderators table * +* @deprecated 3.1 * @return null */ function cache_moderators() @@ -2879,6 +2880,7 @@ function phpbb_update_foes($db, $auth, $group_id = false, $user_id = false) /** * Removes moderators and administrators from foe lists. * +* @deprecated 3.1 * @param array|bool $group_id If an array, remove all members of this group from foe lists, or false to ignore * @param array|bool $user_id If an array, remove this user from foe lists, or false to ignore * @return null From aaaf8a5332aa6679522c687f0c8144d0819c05a5 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 22 Dec 2012 17:40:25 -0500 Subject: [PATCH 12/14] [ticket/10758] Yes, only one empty line. PHPBB3-10758 --- phpBB/includes/functions_admin.php | 1 - 1 file changed, 1 deletion(-) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 77c70eb6fc..22735cf2cd 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2486,7 +2486,6 @@ function cache_moderators() return phpbb_cache_moderators($db, $cache, $auth); } - /** * View log * If $log_count is set to false, we will skip counting all entries in the database. From 496529fa714b6cdc6e8b8ffeb7750fe27907c267 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sat, 22 Dec 2012 17:54:54 -0500 Subject: [PATCH 13/14] [ticket/10758] Add periods. PHPBB3-10758 --- phpBB/includes/functions_admin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 22735cf2cd..3864c9de36 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2294,7 +2294,7 @@ function auto_prune($forum_id, $prune_mode, $prune_flags, $prune_days, $prune_fr /** * Cache moderators. Called whenever permissions are changed * via admin_permissions. Changes of usernames and group names -* must be carried through for the moderators table +* must be carried through for the moderators table. * * @param phpbb_db_driver $db Database connection * @param phpbb_cache_driver_interface Cache driver @@ -2475,7 +2475,7 @@ function phpbb_cache_moderators($db, $cache, $auth) /** * Cache moderators. Called whenever permissions are changed * via admin_permissions. Changes of usernames and group names -* must be carried through for the moderators table +* must be carried through for the moderators table. * * @deprecated 3.1 * @return null From 8707a3413504b0cf922086daa6fc497ccf090448 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Mon, 24 Dec 2012 15:12:57 -0500 Subject: [PATCH 14/14] [ticket/10758] Add return to the other compat function. PHPBB3-10758 --- phpBB/includes/functions_admin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 3864c9de36..5529f2af46 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2887,7 +2887,7 @@ function phpbb_update_foes($db, $auth, $group_id = false, $user_id = false) function update_foes($group_id = false, $user_id = false) { global $db, $auth; - phpbb_update_foes($db, $auth, $group_id, $user_id); + return phpbb_update_foes($db, $auth, $group_id, $user_id); } /**